Hello folks,
I am creating some exploits written in Ruby. Most of my payloads are
TCP bind shells, Netcat works well for connecting to those bind
shells. But I thought, why not connect to the shell directly from Ruby
immediately after sending the payload. Currently I use this snippet
from a Ruby standard library sample I found somewhere:
"""
s = TCPsocket.open(host,port)
STDOUT.flush
while gets( )
s.write($_)
print(s.readline)
end
s.close
"""
It works, but it is very limited compared to Netcat. It returns only one
line (for example after an "ls"). One strange thing is that it hangs when I
send "cd /". No output and subsequent commands are not processed. "/"
and "cd" are OK. Metasploit has its own library for this kind of
stuff. I think it is called Metasploit Rex. Looking at the sources I
see some references to Rex::IO::Stream. I find it complex and I would
like to avoid something that needs external libraries.
Can the above snippet be improved? Is there a better way of emulating
Netcat? Is it possible to use Net::Telnet? Thanks everyone.
Eduardo Tongson
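An added example (my code, not from the post or from Rex) of a Netcat-style client built on IO.select: it forwards whatever bytes are readable on either side instead of pairing one input line with one `readline`, so multi-line output arrives in full and a command that prints nothing does not block. The names `relay` and `netcat_connect` are my own; on stdin EOF it shuts down the sending half of the socket and keeps reading until the remote side closes, as OpenBSD `nc -N` does.

```ruby
require 'socket'

# Copy bytes between a connected socket and a local input/output pair.
# Returns when the remote side closes; local EOF only stops the sending
# direction, so any reply still in flight is drained before we leave.
def relay(sock, input = STDIN, output = STDOUT)
  sources = [sock, input]
  loop do
    ready, = IO.select(sources)
    ready.each do |io|
      begin
        data = io.readpartial(4096)     # whatever is available, no newline needed
      rescue EOFError, Errno::ECONNRESET
        return if io.equal?(sock)       # remote closed: nothing more will come
        sources.delete(input)           # local EOF: stop sending, keep receiving
        sock.close_write                # half-close, like nc -N
        next
      end
      if io.equal?(sock)
        output.write(data)              # remote -> local, shown as it arrives
        output.flush
      else
        sock.write(data)                # local -> remote
      end
    end
  end
end

# Connect to host:port and relay until the remote end goes away.
def netcat_connect(host, port, input = STDIN, output = STDOUT)
  sock = TCPSocket.new(host, port)
  relay(sock, input, output)
ensure
  sock&.close
end

# Usage: ruby rbcat.rb HOST PORT  (interactive, like "nc HOST PORT")
netcat_connect(ARGV[0], Integer(ARGV[1])) if ARGV.length == 2
```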